According to transaction data, the hacker responsible for the $321 million Wormhole Bridge breach has moved a substantial portion of the stolen cash. On January 23, the hacker transferred $155 million worth of Ether (ETH) to a decentralized exchange (DEX).

The Wormhole hack was the third largest cryptocurrency theft in 2022. This occurred after a problem was discovered on February 2 in the protocol’s token bridge. This attack led to the theft of 120,000 ETH wrapped up (wETH), which had a total value of about $321 million.

According to the transaction history of the alleged wallet address used by the hacker, the most recent activity shows that 95,630 ETH were sent to OpenOcean DEX and then converted into ETH-pegged assets, such as Lido Finance staked ETH (stETH ) and staked wrapped. ETH. This information was obtained from the blockchain transaction history of the alleged wallet address used by the hacker.

After digging further into the transaction history, members of the cryptocurrency community like Spreekaway discovered that the hacker carried out a series of transactions that seemed strange.

For example, the hacker used their stETH holdings as collateral to borrow 13 million of the DAI stablecoin, which they then exchanged for more steth, wrapped in more steth, and then used to borrow more DAI.

Notably, the Wormhole team took the opportunity to once again give the hacker a $10 million bounty if he returns all the cash. An encrypted message in a transaction communicates this information to the hacker.

Based on statistics provided by Dune Analytics, the substantial amount of ETH that the hacker transacted appears to have had a direct effect on the stETH price.

The asset’s price started the day slightly below its peg of 0.9962 ETH on January 23 and peaked at 1.0002 ETH the next day before falling back to its previous level of 0.9981 ETH on the time of writing this article.

Blockchain security firms like Ancilia Inc. issued a warning on Jan. 19 that searching Google for the keywords “Wormhole Bridge” currently returns sponsored ads websites that are actually phishing operations. This is likely to bring more attention to the Wormhole hack in light of the most recent incident.

The community has been warned to be very careful about the content of the links they click on in relation to this phrase.